diff --git a/modules/core/distribution/src/assembly/bin.xml b/modules/core/distribution/src/assembly/bin.xml index 233f1d0c..038f2470 100644 --- a/modules/core/distribution/src/assembly/bin.xml +++ b/modules/core/distribution/src/assembly/bin.xml @@ -551,6 +551,23 @@ + + src/repository/resources/web-apps + ${pom.artifactId}-${pom.version}/repository/deployment/server/webapps + + api-application-registration.war + api#device-mgt#v1.0.war + api#scep-mgt#v1.0.war + client-registration#v0.11.war + secured-websocket.war + api#certificate-mgt#v1.0.war + api#identity#entitlement.war + authenticationendpoint.war + oauth2.war + shindig.war + + + ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/jaggeryapps/social/ ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/social @@ -1265,5 +1282,47 @@ true 644 + + src/repository/jaggeryapps/api-store/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-store/ + + 755 + + + src/repository/jaggeryapps/devicemgt/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/devicemgt/ + + 755 + + + src/repository/jaggeryapps/portal/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/portal/ + + 755 + + + src/repository/jaggeryapps/publisher/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/publisher/ + + 755 + + + src/repository/jaggeryapps/social/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/social/ + + 755 + + + src/repository/jaggeryapps/store/jaggery.conf + + ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/store/ + + 755 + diff --git a/modules/core/distribution/src/repository/jaggeryapps/api-store/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/api-store/jaggery.conf new file mode 100644 index 00000000..cd51e91f --- /dev/null 
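Review bot: The six `jaggery.conf` entries added at the end of the second bin.xml hunk are packaged with mode `755`, while the context entry immediately above them uses `644`. These are static JSON configuration files that declare each app's filters and security constraints, so they do not need the execute bit; `644` would match the neighbouring entry. The XML element names are not visible in this rendering of the hunk, so the value is presumably the assembly descriptor's `fileMode`.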
+++ b/modules/core/distribution/src/repository/jaggeryapps/api-store/jaggery.conf
@@ -0,0 +1,86 @@
+{
+ "welcomeFiles":["site/pages/list-apis.jag", "index.html"],
+
+ "logLevel" : "info",
+
+ "errorPages":
+ {
+ "401":"/site/pages/error-pages/401.html",
+ "403":"/site/pages/error-pages/403.html",
+ "404":"/site/pages/error-pages/404.html",
+ "500":"/site/pages/error-pages/500.html"
+ }
+ ,
+
+ "securityConstraints":[
+ {
+ "securityConstraint":{
+ "webResourceCollection":{
+ "name":"site",
+ "urlPatterns":["/site/conf/site.json"],
+ "methods":["GET", "POST", "PUT", "DELETE", "PATCH"]
+ },
+ "authRoles":["admin"]
+ }
+ }
+ ],
+
+ "urlMappings":[
+ {
+ "url":"/apis/info",
+ "path":"/site/pages/item-info.jag"
+ },
+ {
+ "url":"/apis/widget",
+ "path":"/site/pages/widget.jag"
+ },
+ {
+ "url":"/apis/list",
+ "path":"/site/pages/list-apis.jag"
+ },
+ {
+ "url":"/forum/api/topic/*",
+ "path":"/site/blocks/forum/controller/topics.jag"
+ },
+ {
+ "url":"/forum/api/reply/*",
+ "path":"/site/blocks/forum/controller/reply.jag"
+ },
+ {
+ "url":"/forum/*",
+ "path":"/site/pages/forum.jag"
+ },
+ {
+ "url":"/api-docs/*",
+ "path":"/site/blocks/api-doc/ajax/get.jag"
+ }
+ ],
+
+ "filters":[
+ {
+ "name":"HttpHeaderSecurityFilter",
+ "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params" : [{"name" : "hstsEnabled", "value" : "false"}]
+ },
+ {
+ "name": "ContentTypeBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+ "params" : [
+ {"name" : "patterns", "value" : "text/html"},
+ {"name" : "filterAction", "value" : "enforce"},
+ {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+ ]
+ }
+ ],
+
+ "filterMappings":[
+ {
+ "name":"HttpHeaderSecurityFilter",
+ "url":"*"
+ },
+ {
+ "name":"ContentTypeBasedCachePreventionFilter",
+ "url":"*"
+ }
+ ]
+}
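Review bot: The `securityConstraints` entry guarding `/site/conf/site.json` enumerates `GET, POST, PUT, DELETE, PATCH`, which leaves `HEAD`, `OPTIONS` and `TRACE` outside the `admin` restriction if Jaggery passes the list through to the container as servlet `http-method` entries. Dropping the `methods` key, or listing every verb the connector accepts, would close that gap; this should be confirmed against how Jaggery builds the constraint. This is also the only one of the six new `jaggery.conf` files that registers no `CSRFGuard` filter, although it maps the forum `topic` and `reply` controllers. `hstsEnabled` is set to `"false"` here and in the devicemgt, portal, publisher, social and store files, so none of the apps sends `Strict-Transport-Security`; if they are served over TLS, `"true"` is the safer default.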
diff --git a/modules/core/distribution/src/repository/jaggeryapps/devicemgt/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/devicemgt/jaggery.conf
new file mode 100644
index 00000000..80d10749
--- /dev/null
+++ b/modules/core/distribution/src/repository/jaggeryapps/devicemgt/jaggery.conf
@@ -0,0 +1,129 @@
+{
+ "displayName": "Carbon Device Management App",
+ "logLevel": "info",
+ "initScripts": ["/app/modules/init.js"],
+ "urlMappings": [
+ {
+ "url": "/api/devices/*",
+ "path": "/api/device-api.jag"
+ },
+ {
+ "url": "/api/groups/*",
+ "path": "/api/group-api.jag"
+ },
+ {
+ "url": "/api/policies/*",
+ "path": "/api/policy-api.jag"
+ },
+ {
+ "url": "/api/user/*",
+ "path": "/api/user-api.jag"
+ },
+ {
+ "url": "/api/invoker/*",
+ "path": "/api/invoker-api.jag"
+ },
+ {
+ "url": "/uuf/login",
+ "path": "/lib/modules/auth/login.jag"
+ },
+ {
+ "url": "/uuf/logout",
+ "path": "/lib/modules/auth/logout.jag"
+ },
+ {
+ "url": "/uuf/sso/acs",
+ "path": "/lib/modules/auth/acs.jag"
+ },
+ {
+ "url": "/public/*",
+ "path": "/lib/static-files.jag"
+ },
+ {
+ "url": "/unit/*",
+ "path": "/lib/units.jag"
+ },
+ {
+ "url": "/*",
+ "path": "/lib/pages.jag"
+ },
+ {
+ "url": "/api/data-tables/invoker",
+ "path": "/api/data-tables-invoker-api.jag"
+ },
+ {
+ "url": "/api/operation/*",
+ "path": "/api/operation-api.jag"
+ }
+ ],
+ "errorPages": {
+ "500": "/error-pages/error500.html",
+ "404": "/error-pages/error404.html",
+ "401": "/error-pages/error401.html",
+ "405": "/error-pages/error405.html",
+ "403": "/error-pages/error403.html",
+ "400": "/error-pages/error400.html"
+ },
+ "filters": [
+ {
+ "name": "ContentTypeBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+ "params" : [
+ {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
+ {"name" : "filterAction", "value" : "enforce"},
+ {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+ ]
+ },
+ {
+ "name":"HttpHeaderSecurityFilter",
+ "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params" : [{"name" : "hstsEnabled", "value" : "false"}]
+ },
+ {
+ "name" : "CSRFGuard",
+ "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+ }
+
+ ],
+ "filterMappings": [
+ {
+ "name":"HttpHeaderSecurityFilter",
+ "url":"*"
+ },
+ {
+ "name" : "CSRFGuard",
+ "url" : "/*"
+ },
+ {
+ "name":"ContentTypeBasedCachePreventionFilter",
+ "url":"*"
+ }
+
+ ],
+ "listeners" : [
+ {
+ "class" : "org.owasp.csrfguard.CsrfGuardServletContextListener"
+ },
+ {
+ "class" : "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+ }
+ ],
+ "servlets" : [
+ {
+ "name" : "JavaScriptServlet",
+ "class" : "org.owasp.csrfguard.servlet.JavaScriptServlet"
+ }
+ ],
+ "servletMappings" : [
+ {
+ "name" : "JavaScriptServlet",
+ "url" : "/csrf.js"
+ }
+ ],
+ "contextParams" : [
+ {
+ "name" : "Owasp.CsrfGuard.Config",
+ "value" : "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+ }
+ ]
+}
diff --git a/modules/core/distribution/src/repository/jaggeryapps/portal/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/portal/jaggery.conf
new file mode 100644
index 00000000..30af6585
--- /dev/null
+++ b/modules/core/distribution/src/repository/jaggeryapps/portal/jaggery.conf
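Review bot: In the devicemgt `jaggery.conf`, the `patterns` value of `ContentTypeBasedCachePreventionFilter` is `"text/html\" ,application/json\" ,text/plain"`, which decodes to `text/html" ,application/json" ,text/plain` with an unbalanced quote after the first two media types. Depending on how the filter splits and compares the list, `text/html` and `application/json` responses may never match, so the `Cache-Control: no-store` header could be skipped on exactly the responses it is meant to cover. Either quote every entry (`"\"text/html\" ,\"application/json\" ,\"text/plain\""`) or none, as the api-store file does with `"text/html"`, whichever form the filter's parser expects. The same value appears in the portal and social `jaggery.conf` files.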
@@ -0,0 +1,195 @@
+{
+ "initScripts": [
+ "js/dashboard-deployer.js"
+ ],
+ "welcomeFiles": [
+ "routers/tenant.jag"
+ ],
+ "errorPages": {
+ "500": "/controllers/error-pages/error500.html",
+ "404": "/controllers/error-pages/error404.html",
+ "401": "/controllers/error-pages/error401.html",
+ "405": "/controllers/error-pages/error405.html",
+ "403": "/controllers/error-pages/error403.html",
+ "400": "/controllers/error-pages/error400.html"
+ },
+ "urlMappings": [
+ {
+ "url": "/login-controller",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/login",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/logout",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/t/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/apis/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/dashboards/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/gadget/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/layout/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/assets/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/create-dashboard",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/dashboard-settings/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/select-layout",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/create-gadget",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/upload-gadget",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/upload-layout",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/geojson/world/*",
+ "path": "/templates/geojson/world.json"
+ },
+ {
+ "url": "/geojson/europe/*",
+ "path": "/templates/geojson/europe.json"
+ },
+ {
+ "url": "/geojson/usa/*",
+ "path": "/templates/geojson/usa.json"
+ },
+ {
+ "url": "/geojson/countryInfo/*",
+ "path": "/templates/geojson/countryInfo.json"
+ },
+ {
+ "url": "/geojson/usaInfo/*",
+ "path": "/templates/geojson/usaInfo.json"
+ },
+ {
+ "url": "/acs",
+ "path": "/controllers/acs.jag"
+ },
+ {
+ "url": "/banners/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/gadgets/*",
+ "path": "/routers/tenant.jag"
+ },
+ {
+ "url": "/configs/designer.json",
+ "path": "/controllers/error-pages/error404.html"
+ }
+ ],
+ "listeners": [
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardServletContextListener"
+ },
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+ }
+ ],
+ "servlets": [
+ {
+ "name": "JavaScriptServlet",
+ "class": "org.owasp.csrfguard.servlet.JavaScriptServlet"
+ }
+ ],
+ "servletMappings": [
+ {
+ "name": "JavaScriptServlet",
+ "url": "/csrf.js"
+ }
+ ],
+ "contextParams": [
+ {
+ "name": "Owasp.CsrfGuard.Config",
+ "value": "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+ }
+ ],
+ "filters": [
+ {
+ "name": "ContentTypeBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+ "params" : [
+ {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
+ {"name" : "filterAction", "value" : "enforce"},
+ {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+ ]
+ },
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params": [
+ {
+ "name": "hstsEnabled",
+ "value": "false"
+ },
+ {
+ "name": "antiClickJackingOption",
+ "value": "SAMEORIGIN"
+ }
+ ]
+ },
+ {
+ "name": "TenantStoresFilter",
+ "class": "org.wso2.carbon.dashboard.store.filter.TenantStoreFilter"
+ },
+ {
+ "name" : "CSRFGuard",
+ "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+ }
+ ],
+ "filterMappings": [
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "url": "*"
+ },
+ {
+ "name": "TenantStoresFilter",
+ "url": "/store/*"
+ },
+ {
+ "name": "TenantStoresFilter",
+ "url": "/temp/*"
+ },
+ {
+ "name" : "CSRFGuard",
+ "url" : "/*"
+ },
+ {
+ "name":"ContentTypeBasedCachePreventionFilter",
+ "url":"*"
+ }
+ ]
+}
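Review bot: In the portal `urlMappings`, only the exact path `/configs/designer.json` is pointed at the 404 page, so any other file under `/configs/` would presumably still be served as a static resource. The social app in this same commit masks the whole directory with `"url": "/configs/*"`. If the intent is to keep configuration files away from clients, the wildcard form is the safer mapping here as well.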
diff --git a/modules/core/distribution/src/repository/jaggeryapps/publisher/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/publisher/jaggery.conf
new file mode 100644
index 00000000..1eae2b9e
--- /dev/null
+++ b/modules/core/distribution/src/repository/jaggeryapps/publisher/jaggery.conf
@@ -0,0 +1,195 @@
+{
+ "initScripts": ["config/app.js"],
+ "welcomeFiles": ["/controllers/index_router.jag"],
+ "sessionDestroyedListeners": ["config/clearindex.js"],
+ "logLevel": "info",
+ "urlMappings": [
+ {
+ "url": "/api/authenticate",
+ "path": "/apis/v1/authenticate.jag"
+ },
+ {
+ "url": "/asset/*",
+ "path": "/controllers/asset_router.jag"
+ },
+ {
+ "url": "/assets/*",
+ "path": "/controllers/assets_router.jag"
+ },
+ {
+ "url": "/assets/discover/*",
+ "path": "/controllers/app_discover_router.jag"
+ },
+ {
+ "url": "/api/asset/*",
+ "path": "/apis/v1/asset_api_router.jag"
+ },
+ {
+ "url": "/api/assets/*",
+ "path": "/apis/v1/assets_api_router.jag"
+ },
+ {
+ "url": "/api/discover/*",
+ "path": "/apis/v1/app_discover_api_router.jag"
+ },
+ {
+ "url": "/api/lifecycle/*",
+ "path": "/apis/v1/lifecycle_api_router.jag"
+ },
+ {
+ "url": "/api/entitlement/*",
+ "path": "/apis/v1/entitlement_api_router.jag"
+ },
+ {
+ "url": "/api/mobile/*",
+ "path": "/extensions/mobileapp/api/mobile_api_router.jag"
+ },
+ {
+ "url": "/api/validations/assets/*",
+ "path": "/apis/v1/validations_api_router.jag"
+ },
+ {
+ "url": "/api/validate/*",
+ "path": "/apis/v1/validations_api_router.jag"
+ },
+ {
+ "url": "/api/version/*",
+ "path": "/apis/v1/version_api_router.jag"
+ },
+ {
+ "url": "/api/tag/*",
+ "path": "/apis/v1/tags_api_router.jag"
+ },
+ {
+ "url": "/api/cache/*",
+ "path": "/apis/v1/cache_api_router.jag"
+ },
+ {
+ "url": "/storage/*",
+ "path": "/controllers/storage_router.jag"
+ },
+ {
+ "url": "/test",
+ "path": "/test.jag"
+ },
+ {
+ "url": "/login",
+ "path": "/controllers/login.jag"
+ },
+ {
+ "url": "/acs",
+ "path": "/controllers/acs.jag"
+ },
+ {
+ "url": "/logout",
+ "path": "/controllers/logout.jag"
+ },
+ {
+ "url": "/api/doc",
+ "path": "/apis/v1/docs.jag"
+ },
+ {
+ "url": "/webapp/doc/inline",
+ "path": "/controllers/inline-editor.jag"
+ },
+ {
+ "url": "/api/sso/*",
+ "path": "/apis/v1/ssoconfig_api_router.jag"
+ },
+ {
+ "url": "/api/mobileapp/getfile/*",
+ "path": "/extensions/mobileapp/getfile.jag"
+ },
+ {
+ "url": "/api/mobileapp/getplist/*",
+ "path": "/extensions/mobileapp/plist.jag"
+ },
+ {
+ "url": "/api/xacmlpolicy",
+ "path": "/extensions/webapp/modules/manager/xacmlpolicies.jag"
+ },
+ {
+ "url": "/api/mobileapp/upload",
+ "path": "/extensions/mobileapp/mobileupload.jag"
+ }
+ ],
+ "errorPages": {
+ "401": "/controllers/error401.html",
+ "500": "/controllers/error500.html",
+ "404": "/controllers/error404.html",
+ "403": "/controllers/error403.html",
+ "400": "/controllers/error400.html"
+ },
+ "filters": [
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params": [
+ {
+ "name": "hstsEnabled",
+ "value": "false"
+ }
+ ]
+ },
+ {
+ "name": "URLBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
+ },
+ {
+ "name" : "CSRFGuard",
+ "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+ }
+ ],
+ "filterMappings": [
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "url": "*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/api/*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/asset/*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/assets/*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/storage/*"
+ },
+ {
+ "name" : "CSRFGuard",
+ "url" : "/*"
+ }
+ ],
+ "listeners": [
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardServletContextListener"
+ },
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+ }
+ ],
+ "servlets": [
+ {
+ "name": "JavaScriptServlet",
+ "class": "org.owasp.csrfguard.servlet.JavaScriptServlet"
+ }
+ ],
+ "servletMappings": [
+ {
+ "name": "JavaScriptServlet",
+ "url": "/csrf.js"
+ }
+ ],
+ "contextParams": [
+ {
+ "name": "Owasp.CsrfGuard.Config",
+ "value": "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+ }
+ ]
+}
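Review bot: The publisher `urlMappings` list ships `"url": "/test"` mapped to `"/test.jag"` in the packaged distribution config. A test endpoint in a released product is reachable by anyone who can reach the app unless the script performs its own access check, which is not visible in this diff; the mapping (and the script, if it is packaged) should be dropped from the release assembly or gated behind authentication. Separately, `URLBasedCachePreventionFilter` is mapped to `/api/*`, `/asset/*`, `/assets/*` and `/storage/*` but not to `/login`, `/acs` or `/webapp/doc/inline`, so those responses depend on whatever cache headers the scripts set themselves.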
diff --git a/modules/core/distribution/src/repository/jaggeryapps/social/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/social/jaggery.conf
new file mode 100644
index 00000000..2da098c3
--- /dev/null
+++ b/modules/core/distribution/src/repository/jaggeryapps/social/jaggery.conf
@@ -0,0 +1,115 @@
+{
+ "welcomeFiles": ["index.jag"],
+ "sessionDestroyedListeners":["modules/clearindex.js"],
+ "initScripts": ["inits/app.js"],
+ "urlMappings": [
+ {
+ "url": "/apis/v1/comments/*",
+ "path": "/apis/v1/comments.jag"
+ },
+ {
+ "url": "/apis/v1/rating/*",
+ "path": "/apis/v1/rating.jag"
+ },
+ {
+ "url": "/",
+ "path": "/controllers/index.jag"
+ },
+ {
+ "url": "/t/*",
+ "path": "/controllers/index.jag"
+ },
+ {
+ "url": "/login",
+ "path": "/controllers/login.jag"
+ },
+ {
+ "url": "/logout",
+ "path": "/controllers/logout.jag"
+ },
+ {
+ "url": "/acs",
+ "path": "/controllers/acs.jag"
+ },
+ {
+ "url": "/configs/*",
+ "path": "/"
+ }
+ ],
+ "errorPages": {
+ "500": "/controllers/error500.html",
+ "404": "/controllers/error404.html",
+ "401": "/controllers/error401.html",
+ "403": "/controllers/error403.html"
+ },
+ "filters":[
+ {
+ "name": "ContentTypeBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
+ "params" : [
+ {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
+ {"name" : "filterAction", "value" : "enforce"},
+ {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
+ ]
+ },
+ {
+ "name":"HttpHeaderSecurityFilter",
+ "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params" : [{"name" : "hstsEnabled", "value" : "false"}]
+ },
+ {
+ "name":"HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL",
+ "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter"
+ "params" : [
+ {"name" : "hstsEnabled", "value" : "false"},
+ {"name" : "blockContentTypeSniffingEnabled", "value" : "false"},
+ {"name" : "xssProtectionEnabled", "value" : "false"},
+ {"name" : "antiClickJackingOption", "value" : "SAMEORIGIN"}
+ ]
+ },
+ {
+ "name" : "CSRFGuard",
+ "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+ }
+ ],
+ "filterMappings":[
+ {
+ "name":"HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL",
+ "url":"/social/*"
+ },
+ {
+ "name":"ContentTypeBasedCachePreventionFilter",
+ "url":"*"
+ },
+ {
+ "name" : "CSRFGuard",
+ "url" : "/*"
+ }
+ ],
+ "listeners" : [
+ {
+ "class" : "org.owasp.csrfguard.CsrfGuardServletContextListener"
+ },
+ {
+ "class" : "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+ }
+ ],
+ "servlets" : [
+ {
+ "name" : "JavaScriptServlet",
+ "class" : "org.owasp.csrfguard.servlet.JavaScriptServlet"
+ }
+ ],
+ "servletMappings" : [
+ {
+ "name" : "JavaScriptServlet",
+ "url" : "/csrf.js"
+ }
+ ],
+ "contextParams" : [
+ {
+ "name" : "Owasp.CsrfGuard.Config",
+ "value" : "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+ }
+ ]
+}
diff --git a/modules/core/distribution/src/repository/jaggeryapps/store/jaggery.conf b/modules/core/distribution/src/repository/jaggeryapps/store/jaggery.conf
new file mode 100644
index 00000000..2df48819
--- /dev/null
+++ b/modules/core/distribution/src/repository/jaggeryapps/store/jaggery.conf
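Review bot: In the social `jaggery.conf`, the `HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL` filter object is missing the comma after its `"class"` line, so the file is not valid JSON and the app may fail to deploy or come up without any of its filters; the line should read `"class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",`. In addition, `filterMappings` has no entry for the plain `HttpHeaderSecurityFilter`, unlike the other five apps, so the only header filter that runs is the `/social/*` variant with `blockContentTypeSniffingEnabled` and `xssProtectionEnabled` set to `"false"`. Adding `{"name":"HttpHeaderSecurityFilter", "url":"*"}` to `filterMappings` would restore the default response headers for the rest of the app.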
@@ -0,0 +1,242 @@
+{
+ "welcomeFiles":[
+ "/controllers/public-stores.jag"
+ ],
+ "initScripts":[
+ "/config/app.js"
+ ],
+ "sessionDestroyedListeners":[
+ "/config/clearindex.js"
+ ],
+ "logLevel":"info",
+ "urlMappings":[
+ {
+ "url":"/modules/*",
+ "path":"/"
+ },
+ {
+ "url":"/apis/v1/assets/*",
+ "path":"/apis/v1/assets.jag"
+ },
+ {
+ "url":"/apis/asset/*",
+ "path":"/apis/asset.jag"
+ },
+ {
+ "url":"/apis/assets/*",
+ "path":"/apis/assets.jag"
+ },
+ {
+ "url":"/apis/remove/*",
+ "path":"/apis/asset.jag"
+ },
+ {
+ "url":"/apis/tag/*",
+ "path":"/apis/tag.jag"
+ },
+ {
+ "url":"/apis/myAsset/*",
+ "path":"/apis/asset.jag"
+ },
+ {
+ "url":"/t/*",
+ "path":"/controllers/ref_tenant_router.jag"
+ },
+ {
+ "url":"/apis/user/*",
+ "path":"/apis/user.jag"
+ },
+ {
+ "url":"/apis/comment/*",
+ "path":"/apis/comment.jag"
+ },
+ {
+ "url":"/apis/enterprise/*",
+ "path":"/apis/enterprise.jag"
+ },
+ {
+ "url":"/apis/comments/*",
+ "path":"/apis/comment.jag"
+ },
+ {
+ "url":"/apis/eventpublish/*",
+ "path":"/apis/eventpublish.jag"
+ },
+ {
+ "url":"/apis/rate/*",
+ "path":"/apis/rating.jag"
+ },
+ {
+ "url":"/apis/favourite/*",
+ "path":"/apis/favourite.jag"
+ },
+ {
+ "url":"/apis/*",
+ "path":"/controllers/routers/apis.jag"
+ },
+ {
+ "url":"/assets/*",
+ "path":"/controllers/routers/assets.jag"
+ },
+ {
+ "url":"/resources/*",
+ "path":"/controllers/routers/restfulapis.jag"
+ },
+ {
+ "url":"/storage/*",
+ "path":"/controllers/routers/storage_router.jag"
+ },
+ {
+ "url":"/extensions/*",
+ "path":"/controllers/routers/extensions.jag"
+ },
+ {
+ "url":"/subscriptions/*",
+ "path":"/controllers/routers/subscriptions.jag"
+ },
+ {
+ "url":"/assets/",
+ "path":"/controllers/home.jag"
+ },
+ {
+ "url":"/assets/favourite",
+ "path":"/controllers/favouriteapps.jag"
+ },
+ {
+ "url":"/asset/*",
+ "path":"/routers/asset.jag"
+ },
+ {
+ "url":"/config",
+ "path":"/"
+ },
+ {
+ "url":"/acs",
+ "path":"/controllers/acs.jag"
+ },
+ {
+ "url":"/dashboard",
+ "path":"/controllers/dashboard.jag"
+ },
+ {
+ "url":"/login",
+ "path":"/controllers/login.jag"
+ },
+ {
+ "url":"/logout",
+ "path":"/controllers/logout.jag"
+ },
+ {
+ "url":"/mobileapp/device_image",
+ "path":"/extensions/assets/mobileapp/pages/device_image.jag"
+ },
+ {
+ "url":"/apps/*",
+ "path":"/extensions/assets/mobileapp/apis.jag"
+ },
+ {
+ "url":"/mobileapp/myapps",
+ "path":"/extensions/assets/mobileapp/pages/myapps.jag"
+ },
+ {
+ "url":"/api/mobileapp/getfile/*",
+ "path":"/extensions/assets/mobileapp/pages/getfile.jag"
+ }
+ ],
+ "errorPages":{
+ "500":"/controllers/error500.html",
+ "404":"/controllers/error404.html",
+ "401":"/controllers/error401.html",
+ "403":"/controllers/error403.jag"
+ },
+ "filters": [
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params": [
+ {
+ "name": "hstsEnabled",
+ "value": "false"
+ }
+ ]
+ },
+ {
+ "name": "HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL",
+ "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
+ "params": [
+ {
+ "name": "hstsEnabled",
+ "value": "false"
+ },
+ {
+ "name": "blockContentTypeSniffingEnabled",
+ "value": "false"
+ },
+ {
+ "name": "xssProtectionEnabled",
+ "value": "false"
+ },
+ {
+ "name": "antiClickJackingOption",
+ "value": "SAMEORIGIN"
+ }
+ ]
+ },
+ {
+ "name": "URLBasedCachePreventionFilter",
+ "class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
+ },
+ {
+ "name" : "CSRFGuard",
+ "class" : "org.owasp.csrfguard.CsrfGuardFilter"
+ }
+ ],
+ "filterMappings": [
+ {
+ "name": "HttpHeaderSecurityFilter",
+ "url": "*"
+ },
+ {
+ "name": "HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL",
+ "url": "/samlsso/*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/apis/*"
+ },
+ {
+ "name":"URLBasedCachePreventionFilter",
+ "url":"/assets/*"
+ },
+ {
+ "name" : "CSRFGuard",
+ "url" : "/*"
+ }
+ ],
+ "listeners": [
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardServletContextListener"
+ },
+ {
+ "class": "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+ }
+ ],
+ "servlets": [
+ {
+ "name": "JavaScriptServlet",
+ "class": "org.owasp.csrfguard.servlet.JavaScriptServlet"
+ }
+ ],
+ "servletMappings": [
+ {
+ "name": "JavaScriptServlet",
+ "url": "/csrf.js"
+ }
+ ],
+ "contextParams": [
+ {
+ "name": "Owasp.CsrfGuard.Config",
+ "value": "repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
+ }
+ ]
+}
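Review bot: In the store `filterMappings`, `/samlsso/*` is matched by both `HttpHeaderSecurityFilter` (mapped to `*`) and `HttpHeaderSecurityFilter_AntiClickJacking_SpecialURL`; the first leaves `antiClickJackingOption` at its default while the second sets `SAMEORIGIN`. Which `X-Frame-Options` value reaches the client then depends on filter order and on whether the later filter overwrites or appends the header, neither of which this file pins down. If `SAMEORIGIN` is what the SSO path needs, the emitted header should be verified on a deployed instance and the reason recorded in the commit description. The `403` error page points at `error403.jag` whereas the other codes use static `.html` pages, which is worth confirming as intentional.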